Invalid_grant error in Epic's simulator

[Petra Franjić]

Hello all, 

I've been trying to test an app adapted for the patient portal EHR launch with Epic's Simulator and I would greatly appreciate if someone could point me in the right direction with the issues I'm facing.

What happens is that, after having successfully obtained an authorisation code, trying to exchange this code for an access token fails with 400 BAD_REQUEST and invalid_grant being returned from Epic's side. 

I thought the issue could be with the sent redirect_uri not being url encoded. If I url encode it, the request fails with an invalid_client error being returned.

Does anybody share any hints or suggestions on what could be wrong? 

[dvac...@xinonix.com]

Petra,

I have been contending with similar with the simulator at fhir.epic.com and what I did to resolve this is the following:

1. In your app registration check "Require Refresh Tokens" ... I needed this because I wanted to possibly use refresh tokens and its part of the means of generating a client-secret for you application.

2. Click the "Generate Secret" button which will populate a secret (which for fhir.epic.com appears to be a base64 encoded JWT token)

3. Copy this secret and use this during your apps "token" POST request.

4. Click the "Store Hash" button to store this secret associated to your app registration.

5. Check the "I accept the terms and conditions of open.epic." check-box

6. Click the "Save & Ready for Sandbox" button  

7.  HERE IS THE MOST IMPORTANT PART.... wait some time... this is very unfortunate but many of Epics app registration mods are not made in real-time but populate over time (they refer to this as synching) ... I waited a couple of days but possibly it is less. 

Hope this helps! 

Dave

[Petra Franjić]

Thanks a bunch Dave! I'm happy to report that following the steps resolved the issue.

Cheers, 

Petra